An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. JavaScript code must be used in a worker name before a Generate CSR request. Only an administrator can update a worker name.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-21T14:24:03
Updated: 2024-08-03T05:03:32.875Z
Reserved: 2022-03-06T00:00:00
Link: CVE-2022-26494
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-03-21T15:15:08.313
Modified: 2022-03-28T17:18:35.420
Link: CVE-2022-26494
Redhat
No data.